On Sun, Oct 26, 2014, at 06:48 AM, s7r wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 10/26/2014 9:06 AM, goll wrote:
Which package exactly? I'm guessing you're using the deb? Which OS? What CPU architecture?
No, using the rpm, CentOS 6, x86_64.
The next question would be whether you somehow disabled your curve25519 support -- but I don't know how to easily check that with the deb.
Found this link. could it be distribution related? http://www.denniswinter.de/compiling-tor-crashes-on-centos-at-curve25519-don...
And also, I'm running my system in FIPS mode, but that shouldn't impact curve25519, it's mainly to disable insecure algorithms like md5.
br
Please note that CentOS is using the OpenSSL custom version from their upstream distro which is Red Hat Enterprise. Red Hat strips some things from the ordinary OpenSSL package we use in Debian, including some curves. I don't know about curve25519 especially, since I am on Debian and FreeBSD mostly, but I know for sure that CentOS lacks some EC curves. I have tried to configure a bitcoin wallet on CentOS 7 few months ago and I couldn't install it as it comes 'out of the box' because it was missing the curve bitcoin requires to perform ECDSA.
Does this help? https://trac.torproject.org/projects/tor/ticket/9699
There has to be someone else running a Tor relay on CentOS here, maybe we can hear from them how their relays are performing.
[...]
Hi,
I'm also running a relay on CentOS 6.5 on x86_64, with tor installed from the rpm. My logs also show 0 NTor handshakes since I upgraded to 0.2.5.9-rc (and later to 0.2.5.10).
I just tried compiling 0.2.5.10 (giving configure --enable_curve25519), and it compiled successfully, and 'make test' showed it passing a series of curve25519 tests. I'll probably try running the version I compiled and check the NTor counts on that one.
Cheers,